How safe is Bitcoin?

Bitcoin is becoming an everyday topic of conversation, this week has seen bitcoin hit a peak of over $16,000 following the cryptocurrency’s debut on Wall Street, a massive rise from where it was at the beginning of 2017 where it cost just over $950 to purchase a Bitcoin. With this rise in interest from the public and increasing value, Bitcoin faces the risk of becoming more susceptible to attacks from hackers and other malicious users. 

What is Bitcoin?

Bitcoin was invented by an unknown group or person referred to as Satoshi Nakamoto. It is the first de-centralised cryptocurrency worldwide i.e. there is no single administrator or central bank. Transactions take please between users for goods and services without a third party intermediary. The bitcoin network is peer to peer and transactions take place through the use of cryptography. A key factor of bitcoin is that transactions are anonymous and are verified by “miners”. These transactions are then recorded in a public distributed ledger called Blockchain.

How does it work?

Using Bitcoin, a person can buy almost anything; from computers, houses to coffee. Bitcoin wallets are used to send transactions to and from a user. Wallets have both a public key, which anyone can see (quite similar to an email address) and a private key which (similar to a password). Without this private key, bitcoin cannot be accessed.  

Bitcoins are created through a process known as “mining”. New Bitcoins are issued to agents known as “miners”, as payment for processing Bitcoin transactions and adding them to a public ledger of transactions, also known as the Blockchain. 

The Blockchain is a de-centralised ledger of all transactions in a network. Using Blockchain technology, participants in the network can confirm transactions without the need for a trusted third party.

  • The list of these transactions are protected in the Blockchain.
  • A block is the aspect of a Blockchain, which records some or all of the recent transactions that take place.
  • By requiring difficult math problems to be solved with each block, potential attackers are up against the entire rest of the network in a computational race that they are very unlikely to win.
  • Once a transaction is completed, a block goes into the Blockchain and is held here permanently.
  • Each time a block gets completed, a new one is generated. There are countless number of such blocks in the Blockchain, connected to each other in a chronological order.

Is bitcoin secure?

The bitcoin protocol itself is secure due to the Blockchain technology. However, the same cannot be said for the threats posed to accompanying sites and services. There are ways in which Bitcoin can be hacked and stolen. The majority of these ways come down to negligence or error. For example:

  • Exposing your private key
  • Using an untrustworthy third party wallet provider

"Only time will tell if Bitcoin will be able to survive these potential vulnerabilities and future risks."

Leonard McAuliffe, Director, Cybersecurity PwC Ireland

Although bitcoin is a digital currency, it is not recommended to store the bitcoin online as this poses a security threat. An example of this security issue that we have seen is the “Inputs.io” hack.

  • “Inputs.io” offered a service that allowed bitcoin users to store their bitcoin in provided online wallets.
  • These wallets were eventually compromised on two separate occasions by means of a social engineering attack and in the end 4,100 bitcoin was stolen, this is the equivalent of $120 million!

Just last week nearly $64m in bitcoin had been stolen by hackers who broke into Slovenian-based bitcoin mining marketplace NiceHash. This was a highly professional social engineering hack which resulted in 4,700 bitcoin being stolen. Once again this is proving that online security is a massive concern for cryptocurrencies as digital wallets become increasingly popular targets for hackers.  

Double Spending is another threat that faces bitcoin:

  • Double spending refers to the possibility of bitcoin transactions being copied and reused a second time by attackers.
  • Blockchain is used as the platform to monitor this and prevent it from happening.
  • If an individual or a group of individuals owns more than 50% of the computing power within the bitcoin network, the network is opened up to the possibility of a 51% attack. This percentage in computing power can be used to split the main transaction Blockchain and commit fraud. It is argued that a 51% attack is not beneficial to the attacker seeing as it can be easily identified and not economically beneficial to them, however it is still a vulnerability associated with bitcoin and one that needs to be taken seriously.
  • Future Computing Power
    In theory, the bitcoin algorithm can be hacked, but this is not feasible with current technologies as well as not being worth it when looking at cost versus reward. However, due to future advances in computer power and technologies, the algorithm could be under threat of being hacked. Researchers have claimed that by 2027, quantum computers may be able to hack private keys using public keys. Researchers claim the resulting threat posed to the bitcoin algorithm is due to its reliance on public / private keys. Bitcoin will need to be further developed to mitigate against this.

Final conclusions

In conclusion, bitcoin and blockchain are currently secure, however there are:

  • Potential vulnerabilities in the sites and services that deal with bitcoin, e.g. wallets and exchanges. Most breaches are due to negligence while trading bitcoin, not the bitcoin protocol itself.
  • Possibilities of a 51% attack which may lead to the possibility of double spending or a denial of service attack.
  • Potential risks with reference to future computing power. As technologies and computer power advance, such as quantum computing, bitcoin must adapt to mitigate the risk.

Only time will tell if bitcoin will be able to survive these potential vulnerabilities and future risks. As bitcoin continues to develop and become an integral part of the financial system, security has to be a key focus for anyone dealing with bitcoin and other cryptocurrencies. 

This article was first published in the Irish Examiner on the 18 December 2017

Contact us

Leonard McAuliffe
Director
Tel: +353 1 792 8632
Email

Follow PwC Ireland